Secunia Security Advisory - Lostmon has reported multiple vulnerabilities in CubeCart, which can be exploited by malicious people to conduct cross-site scripting attacks.
TITLE:
CubeCart Cross-Site Scripting Vulnerabilities
SECUNIA ADVISORY ID:
SA14416
VERIFY ADVISORY:
http://secunia.com/advisories/14416/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
From remote
SOFTWARE:
CubeCart 2.x
http://secunia.com/product/4021/
DESCRIPTION:
Lostmon has reported multiple vulnerabilities in CubeCart, which can
be exploited by malicious people to conduct cross-site scripting
attacks.
Input passed to certain parameters in various scripts is not properly
sanitised before being returned to users. This can be exploited to
execute arbitrary HTML and script code in a user's browser session in
the context of a vulnerable site.
Variables reported to be affected:
cat_id
PHPSESSID
view_doc
product
session
catname
search
page
Scripts reported to be affected:
forgot_pass.php
index.php
login.php
logout.php
new_pass.php
register.php
sale_cat.php
search.php
tellafriend.php
view_doc.php
view_order.php
view_product.php
your_links.php
your_orders.php
The vulnerabilities have been reported in version 2.0.5 and prior.
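The class of defect the advisory describes, reflected parameters written back into the page without encoding, shown as an added PHP illustration that is not CubeCart's code: the parameter names (search, cat_id, page) come from the advisory, while the script structure and function names are assumed.

```php
<?php
// Added illustration, not CubeCart's code. Parameter names come from the
// advisory; the page structure and function names are assumptions.

// Vulnerable pattern: the raw query-string value is reflected into the page,
// so any markup in it is interpreted by the browser.
function render_search_insecure(array $get): string
{
    $term = $get['search'] ?? '';
    return "<h1>Results for: $term</h1>";
}

// Hardened pattern: numeric parameters are validated as integers, free-text
// parameters are HTML-encoded for the context they are written into.
function param_int(array $get, string $name, int $default = 0): int
{
    $v = filter_var($get[$name] ?? null, FILTER_VALIDATE_INT,
                    ['options' => ['min_range' => 0]]);
    return $v === false ? $default : $v;
}

function html(string $s): string
{
    // ENT_QUOTES encodes both quote styles, so the value is also safe
    // inside attribute values; ENT_SUBSTITUTE avoids returning '' on bad UTF-8.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function render_search_hardened(array $get): string
{
    $term  = (string)($get['search'] ?? '');
    $catId = param_int($get, 'cat_id');
    $page  = param_int($get, 'page', 1);
    return '<h1>Results for: ' . html($term) . '</h1>'
         . '<a href="search.php?cat_id=' . $catId . '&amp;page=' . ($page + 1)
         . '&amp;search=' . urlencode($term) . '">Next</a>';
}
// For the session/PHPSESSID parameters the fix is different: with
// session.use_only_cookies=1 the session id is never read from the URL.

// Constructed sample request: markup in the search term, non-numeric cat_id.
$sample = ['search' => '<em>shoes</em>', 'cat_id' => '7abc', 'page' => '2'];
echo render_search_insecure($sample), "\n"; // markup reaches the browser as-is
echo render_search_hardened($sample), "\n"; // markup shown as text, cat_id falls back to 0
```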
SOLUTION:
Update to version 2.0.6.
PROVIDED AND/OR DISCOVERED BY:
Lostmon
ORIGINAL ADVISORY:
http://lostmon.blogspot.com/2005/02/cubecart-20x-multiple-variable-xss.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------